mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-05 17:01:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/parser/tst/simple_tests
History
John Johansen 2416faac54 parser: support matching xattr keys but not values 
Support profiles that choose to match the presence of an extended
attribute without validating its value. This lets AppArmor target xattrs
with binary data, such as security.ima and security.evm values. For
example, it's now possible to write a profile such as:

        profile signed_binaries /** xattrs=(security.ima) {
                # ...
        }

Both presence and value matches can be used in the same profile. To
match a signed xattr, target both the xattr and the security.ima value:

        profile python_script /** xattrs=(
                security.evm
                security.apparmor="python"
        ) {
                # ...
        }

Updated to work using out of band matching instead of separate data
array.

Signed-off-by: Eric Chiang <ericchiang@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2019-11-26 21:32:08 -08:00
..
abi disable abi/ok_10 and abi/ok_12 tests 2018-11-06 21:33:12 +01:00
bare_include_tests parser: add support for conditional includes 2018-01-20 00:32:20 -08:00
capability Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
change_hat as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
change_profile Fix: make sure overlapping safe and unsafe exec rules conflict 2016-06-02 22:24:22 -07:00
conditional Fix some parser test syntax errors 2015-07-06 13:25:38 +02:00
dbus Add some simple_tests ("deny dbus name=(SomeService)," and "deny file,") 2016-01-07 23:39:56 +01:00
file Add testcases for 'owner link' rules 2019-04-22 13:36:33 +02:00
include_tests parser: add support for conditional includes 2018-01-20 00:32:20 -08:00
includes parser tests: fix includes to allow white space 2018-01-20 00:32:20 -08:00
includes-preamble Move preamble inclusions to a different directory since it was breaking 2008-11-25 19:05:40 +00:00
mount Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
network parser: Allow AF_UNSPEC family in network rules 2016-02-18 12:35:35 -06:00
profile parser: Allow the profile keyword to be used with namespaces 2016-02-18 15:58:06 -06:00
ptrace Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
rewrite parse_profile_data(): error out on alias inside profile 2018-05-06 14:27:32 +02:00
rlimits Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
signal Add tests for various rules outside of a profile 2015-10-19 21:13:48 +02:00
unix Remove the use of dbus from comments and policy from unix tests 2017-10-09 13:18:08 -07:00
vars Remove TODO notes from no-longer-failing tests 2018-08-22 22:24:43 +02:00
xattrs parser: support matching xattr keys but not values 2019-11-26 21:32:08 -08:00
xtrans Remove TODO notes from no-longer-failing tests 2018-08-22 22:24:43 +02:00
readme Add missing files from my last 11 patches as I forgot to do bzr add before 2010-12-20 13:18:36 -08:00

readme 

Directory for auto generated x-transition tests